Expect

* a program to control interactive applications
o it maybe possible to control interactive applications from other scripting languages as well
+ python, perl
* expect programming is very easy compared to perl!
o crackers use expect to try and gain access to machines via ssh, ftp, telnet
+ ask AJC Blyth

2. Expect example uses

* as system administrators we may have need for automating interactive activities
o testing remote access works (telnet, ftp)
o down loading ftp files
o changing password
o running security checks
* we could build a script which test that our server is safe
o from guest accounts
o no telnet access is allowed
o no ssh from lab machines is allowed
+ but ssh from privileged machines is working

3. Expect and examples

* automatically creating passwords
o can be done via C
+ takes a lot of time to write such programs
+ will it work with NIS, shadow passwords or Kerboros?
* with expect we run the user program passwd and send keyboard input

4. Password Trial

* advice first run the program that you want to connect to expect by hand
o note the output and build expect around it
o so let us change a password for bob
*

o passwords were entered, but obviously the passwd program did not echo back our input!

5. Trial results

* we note that the program prompted us for a password twice
o both times it ended its sentence with password:
o as we are lazy we can wait until we see password: and ignore anything that was before
+ why is this good practice?
+ what must we watch out for?
*

* #!/usr/bin/expect script is interpreted via expect located in directory /usr/bin
* spawn passwd [lindex $argv 0]
o run the program passwd bob and connect expect to this program
o note that [lindex $argv 0] resolves to bob
+ actually argument one (hmm..)

8. Script explanation

* set password [lindex $argv 1]
o defines a variable password and sets it to 123
* expect “password:”
o waits for the program passwd to issue password: before continuing
* send “$password\r”
o sends the users password to passwd followed by a carriage return
* note the script repeats the last two commands, why?
* finally expect eof wait for passwd to finish

9. Anchoring

* you might want to match text at the beginning or end of a line, this is via
o ^ for the beginning of a line
o $ for the end of a line
* also note that * means any number of characters

* note that different actions can be associated with different input
o note also that the default timeout time is set at 10 seconds to disable the timeout facility
o set timeout -1

11. Autoftp and expect

* so far we have built the front end to autoftp
o scans the input file for URLs
o handles arguments
* we will use expect to control ftp, we will build this up this utility
* firstly we will ftp manually